Article Preview
TopIntroduction
Cybercrime, one of the fastest growing crimes across the globe, involves the use of computers and digital platforms to conduct unlawful activities driven by motives like revenge or financial gain (Toona, 2022). It is a major challenge faced by financial institutions and intent service providers, including those in South Africa.
Accenture (2020) reported that the cost incurred due to cybercrime perpetration has increased to R2.2 bn per year. The National Cybersecurity Index (2018) indicated that South Africa ranked 102 out of 160 countries in terms of cybersecurity capacity, with an estimated score of 27.27%. The Global Cybersecurity Index ranked South Africa fourth and eighth in the list of African countries vulnerable to cybersecurity breaches in 2018 and 2020, respectively (Global Cybersecurity Index, 2018, 2020). According to Cyber Exposure Index (2020), South Africa maintained the sixth position among African countries with extreme exposure to cybersecurity vulnerabilities. This report aligns with Surfshark (2022), which revealed that South Africa ranked sixth in cybercrime density, increasing from 11.8 victims per one million internet users in 2016 to 14.1 victims in 2019 and from 50.8 victims in 2020 to 56 victims in 2021.
Researchers like Mcanyana and Brindley (2020) and Akinbowale et al. (2024a, 2024b) reported that South Africa witnessed increasing rates of cyberattacks, impacting banks, service providers, and customers. According to Toona (2022), the main targets of cybercrime in South Africa are financial institutions, insurance companies, energy and utility companies, and the government. However, any business organization can be targeted. Toona (2022) also reported that since the COVID-19 pandemic, South Africa has witnessed high profile cyberattacks on financial institutions and critical national infrastructures like the Transnet (a state-owned freight logistics organization) and South Africa’s Department of Justice and Constitutional Development.
Prominent cybercrime methods include phishing, spam e-mail, denial of service (DoS), ransomware, and malware attacks. Delport (2020) reported that from January to March 2020, cyberattack cases through malware increased by 33%, while spamming attacks increased by 26.3%. The cyber defense approach employed by banks, service providers, and customers proved quite effective, with the detection of fraud via impersonation increasing by 30.3%, malware detections increasing by 35.16%, and the blocking of fraudulent links increasing by 59.8% (Delport, 2020). A survey by Akinbowale et al. (2024b) on the effectiveness of anti-fraud technologies in South African banking industries also supported the notion that South African banks deploy up-to-date technologies to effectively mitigate cybercrime.
However, the rate of cybercrime perpetration in South Africa is still on the rise. In fact, anti-fraud technologies alone cannot ensure the sustainable or effective mitigation of cybercrime perpetration. Other issues must be considered, including internal controls, synergy among stakeholders saddled with the responsibility of ensuring cybersecurity, the enactment and implementation of anti-cybercrime laws, and the development and implementation of regulatory and control frameworks. Drawbacks delaying the fight against cybercrime in South Africa include a lack of strict anti-cybercrime laws and resources for law enforcement agencies (Rick Crouch & Associates, 2020).
The efforts of the government and other stakeholders in fighting cybercrime have yielded positive results. Still, the goal of cybercrime mitigation has not been achieved holistically. It is, however, worth mentioning that the challenge of cybercrime perpetration is not limited to South Africa. This costly global problem disrupts large and small businesses and puts data and networks at risk (Deloitte, 2016).